Hi @Sainomono @Delc and @KeyboardMine 

Thank you for sharing that phishing email here so that other merchants can recognize these emails when they come in. We appreciate your diligence in this matter! 

To clarify for anyone else that comes upon this thread, if you receive an email that you believe is a phishing email pretending to be Shopify these are the steps you can take to report the email and ensure that your account is secure:

**IMPORTANT** Do not click on any of the links in the email. Do not provide your account information, bank information or any other sensitive information through the email. There are rare situations where Shopify may require you submit sensitive documents and 99.99% of the time that will be done directly through your store admin using a secure upload feature.

Please review our Help Center information for confirming if an email is real or fake: Protect your account against phishing. In situations like this we ask that you please send this email as an attachment to our Safety and Security team at safety@shopify.com. It is important to ensure that you are including the headers with that email as our team uses that to trace where the email came from. If you aren't sure how to do that, you can follow these steps from Google.

In case you did end up clicking on anything, or are unsure about the security for your account, please follow the steps below and reach out to our live support for additional help:

1. We recommend securing your devices by running anti-malware software.
   It is also advised that you ensure your wifi is secured according to the instructions provided by your ISP.
2. Update the password for your email account login and enable any additional security features that your email service provider offers - for example a Two-Step Authentication also know as Two-Factor Authentication
3. Update your password for your Shopify account
4. Ensure you are using a strong unique password. We have a handy resource I’d recommend looking over called: Generate unique passwords with a password vault
5. Once you have updated your Shopify account password, I would suggest enabling two-step authentication for extra security at login.. More information on this can be found here.
6. Review and update your banking details for Shopify payments to make sure you have the right account connected.
   See how here. We also recommend to check the ‘Accepted Payments’ section within Shopify Payments settings and make sure that all the major payment methods you would like to accept are selected.
7. Check all third party gateway integration to make sure correct accounts are linked - for example PayPal Express checkout - you can do so in Settings > Payments section of your store’s admin
8. Review any orders that may appear suspicious and reach out to the customer or cancel and refund suspicious looking orders to prevent chargebacks. If you’d like to find out more information about chargebacks please visit our Help Center here: Chargebacks and inquiries
9. Review general account settings to make sure information is appearing as it should - ( general settings, staff accounts, staff permissions, orders, discounts etc.) - for more information about staff account specifically, please visit our Help Center here: Managing staff

To ensure that anyone else that views this thread is able to see these steps I will be marking this thread as solved. Please don't hesitate to let us know if you have any security concerns about your account with Shopify.

- Shay